Iran-Backed Hackers Take Control of Pennsylvania Water Station – IOTW Report

Iran-Backed Hackers Take Control of Pennsylvania Water Station

Breitbart

The municipal water authority of the Pennsylvania town of Aliquippa announced on Saturday that one of its water stations was hacked by an Iran-backed criminal group called the “Cyber Av3ngers.”

The Iranian group loaded the water station’s computer screens with messages saying “Down with Israel!” and “Every equipment ‘Made in Israel’ Is Cyber Av3ngers legal target.”

The station attacked by the Iranian hackers is part of the water pressure system for Raccoon and Potter Townships in Pennsylvania.

According to Municipal Water Authority of Aliquippa board chairman Matthew Mottes, alarms were triggered as soon as the system was compromised, and the water quality of the two townships was never in serious danger.

Mottes said the water booster station uses equipment made by Unitronics, an automation company headquartered in Israel. The compromised system was disabled for safety as soon as the hack was detected. more here

19 Comments on Iran-Backed Hackers Take Control of Pennsylvania Water Station

  1. OT, BUT HERE’S A HEADLINE THAT MADE ME LMAO TODAY:

    First American Released By Hamas Is RELATED To A Hunter Biden Art Buyer

    THE HITS JUST KEEP A’COMIN’!!!

    LOLOL

    12
  2. Unitronics SUCKS and a Government entity with a Government budget could afford REAL stuff like Allen Bradley or Siemens.

    Unless they are pocketing the difference.

    I was forced to use Unitronics once by a manager who is no longer employed. The hardware socks, the software sucks, and I’m not surprised that ANYONE found it easy to hack.

    I didn’t know it was Israel make tho. If they actually use that garbage for IDF purposes, that helps explain to me how the Palis were able to get past it.

    6
  3. And so it begins! It’s only gonna get worse!
    Don’t drop yer keys or you’ll have to kick ’em to Canada to pick ’em up… just don’t let that commie Turddoh know!

    1
  4. Pearl Harbor and 9-11 will look like a toddlers’ tea party compared to what comes next. Somebody better wake the hell up.

    Maybe if the G-men can get their thumbs out of their asses and investigate real crimes instead of made-up J6 bullshit.

    7
  5. The best way to keep your control systems from being hacked is completely isolate them from the internet. I work for company that falls under DOT, FERC, DHS and other agencies. Every time this stuff happens, things just get locked down harder.

    @SNS – I worked with Siemens/TI 505 series for about 15 years, wish I still could. Shit was bulletproof. We switched to AB close to a decade ago, my biggest bitch is Rockwell’s software/firmware revisions

    10
  6. 9Booger
    MONDAY, 27 NOVEMBER 2023, 18:15 AT 6:15 PM
    “The best way to keep your control systems from being hacked is completely isolate them from the internet.”

    …my critical control systems that also have proprietary information on them like recipies and capacities have an air firewall between not only them and the Internet, but them and the corporate intranet too. Individual systems pass information to a host over a very local LAN that has its own printers for routine reports; backups are kept on dedicated offline SSDs and transferred to isolated backup hosts; and the only way data is bridged to the intranet is via sterilized thumbs in a locked, monitored room with badge identified and limited access. No part of it has any wireless or Bluetooth component.

    I don’t care how good a hacker you are. Unless you have physical access, you aren’t going to overcome an air gap.

    Amen on the AB revisions. I had to toss 4 perfectly good, if somewhat old, HMIs because they were v4 and the build software couldn’t regress to make runtimes for them any more. Also a pain when you take a new one out of the box, PLC or HMI, and have to decide which version you have to flash it to before you can do anything else. And it’s a HUGE pain with DeviceNet systems when someone set it to “exact match” 15 years ago, and they just don’t make drives with that version and revision level any more.

    That said, my AB stuff is SUPER reliable after the initial set up. I’m still using some drives and soft starts that were OEM in 1989. I have to maintain a Windows 2000 system to talk to my PLC5 on a DH+ (pre-Ethernet proprietary standard) network, but I still USE parts of a DH+ network EVERY DAY.

    3
  7. My story was fixing a new Siemens system in Heidelberg. It seems there are a lot of lightning storms in Germany. This new tall industrial building had some strange German lightning collection system. The Germans could not figure out why every lightning storm glitched out the Siemens stuff. Since it was all optical fiber connected! Incredibly they had connected all the power supplies to this lightning grounding system. My solution was to run every node off of its own separate ferro resonant isolated transformer. The Germans did not even know that this amazing device was invented in Germany

    3
  8. You know what fucks up VERY RARELY in HVAC?

    A Mercury Bulb BASIC THERMOSTAT with no Batteries, programing, Wi-Fi, or Google Notifications. The one running my office is from 1987.

    The only drawback is that the Home Owner has to Slightly lower the HEAT when the Fuck Off to work & lift it back up slightly when they get back home. (That takes a whole 2 seconds of work, or an ETERNITY for today’s young Fuck-Tards.)

    6
  9. @SNS — FYI: “…team of researchers from the Security and Cryptography Laboratory in Lausanne, Switzerland, found four different ways to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls.”

    https://www.zdnet.com/article/researchers-hack-wired-keyboards-hijack-keystrokes/

    Yeah, it’s “only” keyboard strokes, but it illustrates an expandable capability that you can bet NSA spooks are expertly exploiting.

    4
  10. Mr Night Shade is correct, the only surefire method of avoiding being hacked is an air gap that never never never connects to the internet. Still, a lot of these govt agencies seem really lax in security. It takes discipline.

    3

Comments are closed.